
Wireshark-dev: [Wireshark-dev] Need help on Reassembly and building ethereal on windows.

From: Annie Misha <anniemisha@xxxxxxxxxxx>
Date: Tue, 14 Nov 2006 10:26:06 +0000 (GMT)
Hi all,
   We have added E-GCDR parsing support for GTP' protocol into Ethereal. The code addition has been made in the file packet-gtp.c. We are facing two issues here.
 
1. Packet reassembly:
   Our code works fine when we have a Single GTP' PDU which starts in the beginning of the TCP segment and ends in the same segment.
 
   When we have a PDU that is segmented and spans multiple TCP segments, the PDU is not assembled and parsed completely. The code parses only the first segment and gives a Malformed packet error. A GTP' PDU can begin anywhere in a TCP segment. There can be more than one GTP' PDU (Data record request) or only a portion of one in a single segment. But here, when a GTP PDU starts in the middle of the TCP segment, Ethereal does not recognize this. It would be a great help if you could throw some light on this and offer your valuable suggestions to resolve the issue.
 
 
(We have tried using the tcp_dissect_pdus function, but this solves only one half of the issue. That is, on using this, if a GTP' request starts at the beginning of the TCP segment and spans one and a half segments, the code parses the complete request by combining the first segment and half of the second segment. However, it fails to identify the next GTP' request, which is present in the second half of the second segment.)
 
(Please note we have identified this issue by building an exe in Linux)

2. Building Ethereal on Windows:
--------------------------------------------------
    We are trying to build Ethereal exe for windows using cygwin (including our code changes). When we execute the ./configure command for this, we get the following error:

checking for GTK+ - version >= 2.0.0... no
*** Could not run GTK+ test program, checking why...
*** The test program failed to compile or link. See the file config.log for the
*** exact error that occured. This usually means GTK+ is incorrectly installed.
checking for pkg-config... (cached) /usr/bin/pkg-config
checking for GLIB - version >= 2.0.0... yes (version 2.10.3)
checking whether GLib supports loadable modules... yes
checking for inttypes.h... (cached) yes
checking whether inttypes.h defines the PRI[doxu]64 macros... yes
checking for gethostbyname... yes
checking for connect... yes
checking whether to use libpcap for packet capture... yes
checking for extraneous pcap header directories... not found
checking pcap.h usability... no
checking pcap.h presence... no
checking for pcap.h... no
configure: error: Header file pcap.h not found; if you installed libpcap
from source, did you also do "make install-incl", and if you installed a
binary package of libpcap, is there also a developer's package of libpcap,
and did you also install that package?
 
Can someone please tell us what needs to be done here? It would be of great help if you could give us the exact procedure for building the exe for Windows. Do we have to set the PATH to any specific directory? Do we have to install any additional packages? If so, what are the additional packages to be installed? Your help in overcoming these bottlenecks will be very much appreciated. Thanks in advance.
 
Version used: ethereal-0.10.8-SVN-13012
 
Thanks,
Annie.D
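
Added example (not part of the original post, and not Ethereal code): a stand-alone C sketch of length-prefixed reassembly for the case described under "Packet reassembly", where a PDU ends and the next one starts in the middle of a TCP segment. It assumes the 6-byte GTP' header with a 16-bit big-endian length at offset 2 that counts the bytes after the header; `gtpp_stream`, `gtpp_feed`, `PDU_SIZE` and the sample bytes are names and data constructed for this illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define GTPP_HDR 6   /* assumption: short GTP' header (flags, type, len[2], seq[2]) */
/* Total PDU size once the header is buffered; the length field counts bytes after it. */
#define PDU_SIZE(s) (GTPP_HDR + (((size_t)(s)->buf[2] << 8) | (s)->buf[3]))

struct gtpp_stream {
    uint8_t buf[GTPP_HDR + 0xFFFF]; /* largest possible PDU, so copies cannot overflow */
    size_t  used;                   /* bytes of the PDU currently under assembly */
};

/* Consume one TCP segment payload; store the sequence number of each completed
 * PDU in seq_out (up to max_out entries) and return how many PDUs completed. */
int gtpp_feed(struct gtpp_stream *s, const uint8_t *seg, size_t len,
              uint16_t *seq_out, int max_out)
{
    int done = 0;
    while (len > 0) {
        /* Until the header is complete only GTPP_HDR bytes are wanted. */
        size_t want = s->used < GTPP_HDR ? GTPP_HDR : PDU_SIZE(s);
        size_t take = want - s->used < len ? want - s->used : len;
        memcpy(s->buf + s->used, seg, take);
        s->used += take; seg += take; len -= take;
        if (s->used >= GTPP_HDR && s->used == PDU_SIZE(s)) {
            /* A real dissector would parse s->buf[0 .. used) at this point. */
            if (done < max_out)
                seq_out[done] = (uint16_t)((s->buf[4] << 8) | s->buf[5]);
            done++;
            s->used = 0;   /* keep looping: the next PDU may start mid-segment */
        }
    }
    return done;
}

/* Constructed sample: two 10-byte PDUs (seq 1 and 2); the first two bytes of
 * each are filler and are not interpreted by this example. */
static const uint8_t stream_bytes[20] = {
    0x0f, 0xf0, 0, 4, 0, 1, 'A', 'A', 'A', 'A',
    0x0f, 0xf0, 0, 4, 0, 2, 'B', 'B', 'B', 'B' };

int main(void)
{
    static struct gtpp_stream s;
    uint16_t seq[4];
    size_t cuts[] = { 7, 8, 5 }, off = 0;   /* segment sizes cut mid-PDU and mid-header */
    for (int i = 0; i < 3; off += cuts[i++])
        printf("segment %d: %d PDU(s)\n", i + 1,
               gtpp_feed(&s, stream_bytes + off, cuts[i], seq, 4));
    return 0;
}
```

The second segment completes the first PDU and leaves five header bytes of the second one buffered, so the header itself is reassembled across the segment boundary before its length field is read.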

